Provide own key and cert
Provide own certificate and key
You can provide your own certificate and key using -s -sk <key> -sc <certificate>.
$ goshs -s -sk key.pem -sc cert.pem
INFO [2024-07-04 18:01:46] Download embedded file at: /example.txt?embedded
INFO [2024-07-04 18:01:46] Serving on interface lo bound to 127.0.0.1:8000
INFO [2024-07-04 18:01:46] Serving on interface eth0 bound to 10.137.0.27:8000
INFO [2024-07-04 18:01:46] Serving HTTPS from /home/user with ssl enabled server key: key.pem, server cert: cert.pem
INFO [2024-07-04 18:01:46] You provided a certificate and might want to check the fingerprint nonetheless
INFO [2024-07-04 18:01:46] SHA-256 Fingerprint: BC 8B 2A C5 86 16 6A 19 08 BD 10 19 B2 A6 87 3B 42 6A 44 00 5B 76 10 5F 19 96 79 D6 AF 61 5F EE
INFO [2024-07-04 18:01:46] SHA-1 Fingerprint: 76 74 6A 3A AD C1 27 39 CC BC 6C 50 9B 6B C9 EB 7A 01 69 09 Warning
Notice that this only works with keys that have no passphrases. You could convert your key like: openssl rsa -in [original.key] -out [new.key].
Provide own p12 file
If you want to keep your certificate file protected by a passphrase but use it with goshs you can do so by using a p12 file.
First you convert your certificate and key to a p12 file like so:
openssl pkcs12 -export -inkey key.pem -in cert.pem -out cert.p12Now you can use it with -s -p12 and goshs will ask for the password of the p12 file before starting:
$ goshs -s -p12 cert.p12
INFO [2024-07-04 18:01:46] Download embedded file at: /example.txt?embedded
Enter password for cert.p12: ****
INFO [2024-07-04 18:01:46] Serving on interface lo bound to 127.0.0.1:8000
INFO [2024-07-04 18:01:46] Serving on interface eth0 bound to 10.137.0.27:8000
INFO [2024-07-04 18:01:46] Serving HTTPS from /home/user with ssl enabled server key: , server cert: , server p12: /tmp/test/cert.p12
INFO [2024-07-04 18:01:46] You provided a certificate and might want to check the fingerprint nonetheless
INFO [2024-07-04 18:01:46] SHA-256 Fingerprint: B4 46 6E A6 78 1B 1D B0 6D BA 66 68 3E 1E E0 65 38 65 6C 98 30 63 83 1E 3F DB AE D5 9E 28 42 50
INFO [2024-07-04 18:01:46] SHA-1 Fingerprint: 87 88 A8 F9 9D 44 14 16 2A 9C 6A C5 89 B8 E1 D5 2B 26 5F 9B